Age | Commit message (Collapse) | Author | Files | Lines |
|
new open mechanism Andrew & I discussed.
config.sub:
configure: Included the QNX patch.
include/vfs.h:
smbd/vfs-wrap.c:
smbd/vfs.c: Added ftruncate vfs call (needed).
Note that we will also need locking calls in the vfs (to be added).
lib/util_unistr.c:
nmbd/nmbd_processlogon.c: Fix for NT domain logons causing nmbd to core dump.
Also fix for sidsize DOS bug.
locking/locking.c: Check value of ret before using it for memdup.
printing/printing.c: Convert print_fsp_open to return an allocated fsp.
rpc_server/srv_lsa.c: Fix for NT domain logons.
I have removed all use of lp_share_modes() from the code (although I
left the parameter in the table for backwards compatibility). It no longer makes
sense for this to exist.
smbd/close.c: Removed lp_share_modes().
smbd/fileio.c: Fixed parameters to unlock_share_entry call in panic code.
smbd/files.c: Correctly set the unix_ERR_code to ERRnofids on fsp allocation fail.
smbd/nttrans.c:
smbd/reply.c:
smbd/trans2.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
smbd/open.c: Changed all occurrences of open_file_shared/open_directory/
open_file_stat to return an fsp from the call.
In addition I have fixed a long standing race condition in the deny mode
processing w.r.t. two smbd's creating a file. Andrew, please note that
your original idea of using open with O_EXCL in this case would not work
(I went over the races very carefully) and so we must re-check deny modes
*after* the open() call returns. This is because there is a race between
the open with O_EXCL and the lock of the share mode entry. Imagine the
case where the first smbd does the open with O_EXCL and a deny mode of DENY_ALL,
but is pre-empted before it locks the share modes and creates the deny
mode entry for DENY_ALL. A second smbd could then come in with O_RDONLY
and a deny mode of DENY_NONE and the two opens would be allowed.
The *only* way to fix this race is to lock the share modes after the
open and then do the deny mode checks *after* this lock in the case
where the file did not originally exist.
This code will need extensive testing but seems to initially work.
Jeremy.
(This used to be commit ab0ecc39d688f16b9692fe90b991f0b89287070a)
|
|
(This used to be commit 36fb5bc72fc6c0de719205ea34f497bfa0c4082f)
|
|
advance over it and 4-byte align.
this _used_ to be "regardless of domainsidsize, advance by domainsidsize+3"
which is wrong.
(This used to be commit 5086e6425f3630d8f5ca1e25a333eb97fdf86e93)
|
|
include/includes.h: Added SMB_BIG_UINT_BITS.
lib/util.c: Removed align2/align4 - use macros.
libsmb/namequery.c: Use ALIGN2.
locking/locking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
Needed to move to hiding POSIX locks at a lower layer.
nmbd/nmbd_processlogon.c: Use ALIGN2/ALIGN4 macros.
smbd/blocking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
smbd/reply.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T.
Jeremy.
(This used to be commit 491eea8a20bf80d426625479326211dc975857a6)
|
|
(This used to be commit 0da440c8fe365fd53c313e9dc62dda7e40916d62)
|
|
research plus some cleanups
(This used to be commit 1682faa1b0e95fc5acdf9b10da80a6515f8772cd)
|
|
assumption that we have one socket everywhere
while doing so I discovered a few bugs!
1) the clientgen session retarget code if used from smbd or nmbd would
cause a crash as it called close_sockets() which closed our main
socket! fixed by removing close_sockets() completely - it is unnecessary
2) the caching in client_addr() and client_name() was bogus - it could
easily get fooled and give the wrong result. fixed.
3) the retarget could could recurse, allowing an easy denial of
service attack on nmbd. fixed.
(This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
|
|
Jeremy.
(This used to be commit 715fa7ea8cf00d72c868bed420c28a29011f53a1)
|
|
list. This is done by default when interfaces are probed, but if someone
explicitly adds 127.0.0.1 to the interfaces line for smbd, then nmbd would
start to try and register names on it. This was not good :-(.
Jeremy.
(This used to be commit cc3ad825214686ad03dd4176d0c55290d1de6221)
|
|
(This used to be commit 1ac46c40118fce9443141ce19506d124a873b73d)
|
|
the previous definition could result is us overflowing a buffer. The
null termination was always added yet the size returned did not
include the null termination.
the new function takes a BOOL null_terminate, and always returns the
total number of bytes consumed by the string.
(This used to be commit 426c90433396a95033eefcc4af97603abc934221)
|
|
GETDC stuff sorted out
(This used to be commit f6b56ae93e47a54317f2711533ec8208d5cbc8a9)
|
|
nmbd. It does NOT follow the rule that packets to the wins server have
rec_des set (I know that we have postulated this in the past). Please
don't screw with this unless you do careful testing from WinXX
clients.
Luke and I spent a couple of hours today getting this right (it was
wrong in both TNG and HEAD)
(This used to be commit 9eda2e27b74d95975e481d92930ef87de7006919)
|
|
it clashes with other reload_services definitions.
(This used to be commit affaf9c5411e533a77621574d356e886eea93465)
|
|
multihomed registration we were sending the packet to the wrong host!
We sent it to the person trying to register rather than to the person
who currently holds the name. That means we were not secure and we
could allow two people to register the same name.
Jeremy, you may wish to merge this change into 2.0.X
(This used to be commit 94ca1d1250d12918311a402cc689050ba1d06e24)
|
|
reload services can be static
(This used to be commit b13a903720a6ef789ee7d688c05be2e77584580e)
|
|
nmbd/nmbd_processlogon.c: Use "True" and "False" instead of 1 and 0.
Others - preparing for multiple pdu write code.
Jeremy.
(This used to be commit 9f879ec396230deba34fbe5e82d8a65f92137c54)
|
|
now work.
(This used to be commit 27ef1789267c7af70071ac9b1d216b4dd745578a)
|
|
array of pointers. This should cause alignment on a correct boundary..
Spotted by Darren Reed <darrenr@telnetmedia.com>.
Jeremy.
(This used to be commit 91f4d0675333d7c5d7bb5ff077faaf83e1fd9bfe)
|
|
This fixes our netbios scope handling. We now have a 'netbios scope' option
in smb.conf and the scope option is removed from make_nmb_name()
this was prompted by a bug in our PDC finding code where it didn't append
the scope to the query of the '*' name.
(This used to be commit b563be824b8c3141c49558eced7829b48d4ab26f)
|
|
lp_string() bug properly.
we still need to add lp_talloc_free() calls in all the main event
loops, I've only put it in smbd and nmbd thus far.
(This used to be commit aa7f81552540f5dca2c146f5edd805611d5b390f)
|
|
I also fixed up the lookup_pdc_name() code so that it now works, even
with a NT server that insists on replying to udp/138.
The method I used to match packets was to use the mailslot string as a
datagram ID. The true dgm_id doesn't work as NT doesn't set it
correctly. uggh.
PS: Jeremy, I had to change your code quite a bit, are you sure this
worked with a Samba PDC?? The code looked broken, it got the offsets
wrong in the SMB portion of the packet and filled in the IP
incorrectly.
(This used to be commit 32f66f4ea63038cb4b3785bdf1762abdde076f5d)
|
|
yamd is much better, and doesn't require any source code changes
if you haven't seen yamd then take a look at
http://www3.hmc.edu/~neldredge/yamd/
its excellent!
(This used to be commit 25b13f8b79d648188036f027f45bc78ec117cc88)
|
|
this means "nmblookup -S" now always works, even with broken servers
the database stores all unexpected replies and these can be accessed
by any client.
while doing this I cleaned up a couple of functions, and put in place
a better trn_id generator. in most places the code got quite a bit
simpler due to the addition of simple helper functions.
I haven't yet put the code in to take advantage of this for pdc
replies - that will be next. Jeremys pdc finding code will then work :)
(This used to be commit 280e6359d36c9bc8dcded302f15c3a1db8e3feeb)
|
|
- added TDB_CLEAR_IF_FIRST flag to clear the database if this is the
first attached process. Useful for non-persistent databases like our
locking area (this will also make upgrades to new database layouts easier)
- use lock_path() in a couple of places
- leave connections database open while smbd running
- cleaned up some tdb code a little, using macros for constants
(This used to be commit 00e9da3ca577527db392aced62f02c69cfee8f4f)
|
|
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
|
|
they should all be replaced with cli_establish_connection().
created cli_use_wait_keyboard() which waits on multiple cli_states
and swallows session keepalives.
(This used to be commit fcc39b3f4f2f8d04d3fab09db048b4f3dc1e97d5)
|
|
(This used to be commit e4d92ff9dfc51735e6932748f66a7c20b2c1cb6a)
|
|
desired flag MUST be set in any NBT UDP packets sent to a WINS
server, else they will go to the WINS client side of the NT NetBIOS
kernel instead, and will get trashed.
- added \PIPE\browser server-side code.
(This used to be commit 8e406c1fa296c3f97b1cd7ddde7b5aeb9232b26e)
|
|
request name.
modified createuser rpcclient command to examine name being added. if it
ends in a $, assume that a workstation trust account is being added.
(This used to be commit 4aea261cb0e5f34255ff83271eb5cadb0eb78bc9)
|
|
reg_io_r_info() working properly. previously they weren't well
understood (well, they were the first of the registry functions i did,
back in december 97, ok??? :-)
set ntversion to 0x1 in SAMQUERY, so that we reply same as NT4 srv.
(This used to be commit 98ddeaf442cb30972cb281bf0489a6e5f7eb2883)
|
|
- disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get
NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be
re-enabled but to be replaced with a better mechanism.
- added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is
sending DCE/RPC over SMBwrite not SMBwriteX.
(This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e)
|
|
password change requests), from Michael Stockman <pgmtekn@algonet.se>.
GETDC on \MAILSLOT\NET\NETLOGON necessarily returns less information
than the NTLOGON version.
(This used to be commit 8a603a8793cb067cd06edc3d73d0b35c427ed5ed)
|
|
who doesn't know what an LMB or DMB is.
* check_master_browser_exists now performs the check the first time
around, so if there is indeed no master browser then Samba takes up the job
much faster.
* Upped default OS level to 32. There is no reason why some stupid little
Windows box should become LMB instead of a Samba *server*.
* "domain master" now defaults to "auto". Currently this attempts to
become DMB iff Samba is the PDC (ala Windows NT). "preferred master" also
defaults to "auto", which enables preferred master iff Samba is DMB.
* lp_server_role now just returns the predetermined role, rather than
working it out each time, since the server role is becoming very heavily
used (esp for the BDC code).
(This used to be commit 4a23a358b5ad8873acb7db11f27b87d2a016bec1)
|
|
(This used to be commit baf55934dc5118f8c423fe05c0e4b8d7c018fa14)
|
|
(This used to be commit 9d01e9d86a8d22a283a8377a12bb175398547d78)
|
|
(This used to be commit de290627f06915d420d37d2a3ac2f736c4cf8d74)
|
|
using smbpasswd command.
(This used to be commit 62d499f83256c6e8b3308dc4bd8e9f5df873b14b)
|
|
it's wrong. i've seen a packet from nt client on MAILSLOT\NETLOGON
with appended undocumented unicode tacked on the end and the response
contained undocumented unicode tacked on the end.
(This used to be commit 74c7d626cd85189c902489d220c3eca30a4b1bb1)
|
|
Also some string length and sizeof(pointer) corrections.
(This used to be commit ce24191939b82985d09eabe945199f38b0fea486)
|
|
No more ugly static library buffers and all functions take a destination
string length (especially unistrcpy was rather dangerous; we were only
saved by the fact that datagrams are limited in size).
(This used to be commit a1d39af1ce1d451b811dbd7c2ba391214851b87e)
|
|
retransmit_or_expire_response_records().
Jeremy.
(This used to be commit d5f05b4faef50e7cfc0ed05a87d92e14102106c6)
|
|
(This used to be commit ca10eb44909e66a07dc7f88b0a740390f9ec3922)
|
|
(This used to be commit 501617307f3b9bbad76406d00b1bc82f5cb479a6)
|
|
This allows the removal of PASSDB_OBJ, RPC_CLIENT_OBJ and
RPC_PARSE_OBJ from nmbd in the head branch.
so nmbd just went on a diet :)
(This used to be commit be697c9ef00f1b6366228dcdd3983d68158dd94f)
|
|
nmbd and smbd. nmbd is now client: smbd is solely responsible for
creating sam_name.SID
(This used to be commit 50fa4822df679b4d54b5a868179594ec087e811f)
|
|
samr_query_aliasmembers (cool!)
util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c :
pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID
if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5)
to obtain member and pdc sids.
(This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
|
|
- split sam_passwd and smb_passwd into separate higher-order function tables
- renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user"
plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd
password databases to fill in the blank entries that are not obtained
from whatever password database API instance is being used.
NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST
be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c
for the only example outside of the password database APIs i could find.
- added query_useraliases code to rpcclient.
- dealt with some nasty interdependencies involving non-smbd programs
and the password database API. this is still not satisfactorily
resolved completelely, but it's the best i can do for now.
- #ifdef'd out some password database options so that people don't
mistakenly set them unless they recompile to _use_ those options.
lots of debugging done, it's still not finished. the unix/NT uid/gid
and user-rid/group-rid issues are better, but not perfect. the "BUILTIN"
domain is still missing: users cannot be added to "BUILTIN" groups yet,
as we only have an "alias" db API and a "group" db API but not "builtin-alias"
db API...
(This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
|
|
Tidied up some of the mess (no other word for it). Still doesn't
compile cleanly. There are calls with incorrect parameters that
don't seem to be doing the right thing.
This code still needs surgery :-(.
Jeremy.
(This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
|
|
the pre-alpha "domain group" etc parameters have disappeared.
- interactive debug detection
- re-added mem_man (andrew's memory management, detects memory corruption)
- american spellings of "initialise" replaced with english spelling of
"initialise".
- started on "lookup_name()" and "lookup_sid()" functions. proper ones.
- moved lots of functions around. created some modules of commonly used
code. e.g the password file locking code, which is used in groupfile.c
and aliasfile.c and smbpass.c
- moved RID_TYPE_MASK up another bit. this is really unfortunate, but
there is no other "fast" way to identify users from groups from aliases.
i do not believe that this code saves us anything (the multipliers)
and puts us at a disadvantage (reduces the useable rid space).
the designers of NT aren't silly: if they can get away with a user-
interface-speed LsaLookupNames / LsaLookupSids, then so can we. i
spoke with isaac at the cifs conference, the only time for example that
they do a security context check is on file create. certainly not on
individual file reads / writes, which would drastically hit their
performance and ours, too.
- renamed myworkgroup to global_sam_name, amongst other things, when used
in the rpc code. there is also a global_member_name, as we are always
responsible for a SAM database, the scope of which is limited by the role
of the machine (e.g if a member of a workgroup, your SAM is for _local_
logins only, and its name is the name of your server. you even still
have a SID. see LsaQueryInfoPolicy, levels 3 and 5).
- updated functionality of groupname.c to be able to cope with names
like DOMAIN\group and SERVER\alias. used this code to be able to
do aliases as well as groups. this code may actually be better
off being used in username mapping, too.
- created a connect to serverlist function in clientgen.c and used it
in password.c
- initialisation in server.c depends on the role of the server. well,
it does now.
- rpctorture. smbtorture. EXERCISE EXTREME CAUTION.
(This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
|